Day 1: Infrastructure
-
What is understood under infrastructure of a target?
-
Why is it of great importance to the process?
-
Understanding how the Internet *really* works
-
DNS
-
Domains
-
DNS types
-
MX/NS/A/CNAME/PTR
-
-
-
IP Addresses
-
Networks
-
Routing
-
Netmasks
-
-
AS numbers
-
-
A recon methodology
-
Methods of extracting information
-
DNS lookups
-
A/MX/NS/PTR/AXFR
-
-
Whois (IP and Domain)
-
IP Address to Geo location
-
Shared resources
-
MX/NS/A
-
-
-
Trying it all together
-
Implementation of the methodology
-
-
Case studies & tools
Day 2: People, organizations
-
Linking people and organizations to infrastructure
-
Mapping organizations to domains
-
Extending on TLD
-
Extending on name
-
Finding related domains
-
-
Turning a search engine into a recon platform
-
Introduction to advanced operators
-
How to use search engines for infrastructure scanning
-
Searching for people
-
Searching for telephone numbers
-
Tricks when using search engines
-
-
Searching for email addresses
-
Searching for documents and files
-
Extracting meta information from documents
-
-
Differences between search engines
-
Scraping web pages
-
-
How to use social networks to track people
-
LinkedIn/Facebook/Bebo/MySpace/Orkut
-
-
Other online service
-
Reverse directories
-
PGP key servers
-
Online whois providers
-
Netcraft
-
Commercial services
-
Social network aggregators
-
Rapleaf
-
Spock
-
-
-
Methodology of Internet forensics
-
Case studies
Day 3: Practice makes perfect
On day 3 of the course a number of investigations and projects will be performed by the students under the guidance of the trainer(s) – a virtual hunting party. This gives the students the opportunity to hone their skills gained in the first two days in a practical, real-world scenario. It also allows them to explore more advanced techniques and to cover questions in-depth.